文摘
Paying attention to authenticity, as a security requirement, in the early phases of the software life-cycle (such as requirement and-or design) can save project cost, time, and effort. However, in the ISO 25010 quality model which describes quality sub-characteristics, authenticity measures are not explicitly described, neither are they documented with sufficient details. This paper proposes a clear and precise way of measuring the “authenticity” sub-characteristic based on structural and functional size measurements. This combination can be used to identify the risk of authenticity violation in the design phase. An example of Facebook Web User Authentication is used to illustrate our proposed measurement.